Java tutorial
/** * Copyright 2005-2014 The Kuali Foundation * * Licensed under the Educational Community License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.opensource.org/licenses/ecl2.php * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.kuali.rice.kim.web.struts.action; import java.sql.Timestamp; import java.util.ArrayList; import java.util.Arrays; import java.util.Calendar; import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; import org.apache.struts.action.ActionForm; import org.apache.struts.action.ActionForward; import org.apache.struts.action.ActionMapping; import org.kuali.rice.core.api.delegation.DelegationType; import org.kuali.rice.core.api.membership.MemberType; import org.kuali.rice.core.api.util.RiceConstants; import org.kuali.rice.core.api.util.RiceKeyConstants; import org.kuali.rice.core.api.util.io.SerializationUtils; import org.kuali.rice.kew.api.exception.WorkflowException; import org.kuali.rice.kim.api.KimConstants; import org.kuali.rice.kim.api.group.Group; import org.kuali.rice.kim.api.identity.Person; import org.kuali.rice.kim.api.identity.principal.Principal; import org.kuali.rice.kim.api.role.Role; import org.kuali.rice.kim.api.services.KimApiServiceLocator; import org.kuali.rice.kim.bo.ui.KimDocumentRoleMember; import org.kuali.rice.kim.bo.ui.KimDocumentRolePermission; import org.kuali.rice.kim.bo.ui.KimDocumentRoleQualifier; import org.kuali.rice.kim.bo.ui.KimDocumentRoleResponsibility; import org.kuali.rice.kim.bo.ui.RoleDocumentDelegationMember; import org.kuali.rice.kim.bo.ui.RoleDocumentDelegationMemberQualifier; import org.kuali.rice.kim.document.IdentityManagementRoleDocument; import org.kuali.rice.kim.impl.responsibility.AddResponsibilityEvent; import org.kuali.rice.kim.impl.responsibility.ResponsibilityBo; import org.kuali.rice.kim.impl.type.KimTypeLookupableHelperServiceImpl; import org.kuali.rice.kim.rule.event.ui.AddDelegationMemberEvent; import org.kuali.rice.kim.rule.event.ui.AddMemberEvent; import org.kuali.rice.kim.rule.event.ui.AddPermissionEvent; import org.kuali.rice.kim.web.struts.form.IdentityManagementRoleDocumentForm; import org.kuali.rice.kns.question.ConfirmationQuestion; import org.kuali.rice.kns.web.struts.form.KualiDocumentFormBase; import org.kuali.rice.kns.web.struts.form.KualiTableRenderFormMetadata; import org.kuali.rice.krad.data.KradDataServiceLocator; import org.kuali.rice.krad.service.KRADServiceLocatorWeb; import org.kuali.rice.krad.util.GlobalVariables; import org.kuali.rice.krad.util.KRADConstants; /** * @author Kuali Rice Team (rice.collab@kuali.org) */ public class IdentityManagementRoleDocumentAction extends IdentityManagementDocumentActionBase { public static final String CHANGE_DEL_ROLE_MEMBER_METHOD_TO_CALL = "changeDelegationRoleMember"; public static final String SWITCH_TO_ROLE_MEMBER_METHOD_TO_CALL = "jumpToRoleMember"; public static final String REMOVE_AFFECTED_DELEGATES_QUESTION_ID = "RemoveAffectedDelegates"; protected List<String> methodToCallToUncheckedList = new ArrayList<String>(); /** * This method doesn't actually sort the column - it's just that we need a sort method in * order to exploit the existing methodToCall logic. The sorting is handled in the execute * method below, and delegated to the KualiTableRenderFormMetadata object. * * @param mapping * @param form * @param request * @param response * @return * @throws Exception */ { methodToCallToUncheckedList.add(CHANGE_DEL_ROLE_MEMBER_METHOD_TO_CALL); methodToCallToUncheckedList.add(CHANGE_MEMBER_TYPE_CODE_METHOD_TO_CALL); methodToCallToUncheckedList.add(CHANGE_NAMESPACE_METHOD_TO_CALL); methodToCallToUncheckedList.add(SWITCH_TO_ROLE_MEMBER_METHOD_TO_CALL); } /** * This constructs a ... */ public IdentityManagementRoleDocumentAction() { super(); for (String methodToCallToUncheck : methodToCallToUncheckedList) { addMethodToCallToUncheckedList(methodToCallToUncheck); } } public ActionForward sort(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KualiTableRenderFormMetadata memberTableMetadata = roleDocumentForm.getMemberTableMetadata(); memberTableMetadata.setSwitchToPageNumber(0); return mapping.findForward(RiceConstants.MAPPING_BASIC); } @Override public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; if (roleDocumentForm.getRoleId() == null) { String roleId = request.getParameter(KimConstants.PrimaryKeyConstants.SUB_ROLE_ID); roleDocumentForm.setRoleId(roleId); } KualiTableRenderFormMetadata memberTableMetadata = roleDocumentForm.getMemberTableMetadata(); if (roleDocumentForm.getRoleDocument() != null && roleDocumentForm.getMemberRows() != null) { memberTableMetadata.jumpToPage(memberTableMetadata.getViewedPageNumber(), roleDocumentForm.getMemberRows().size(), roleDocumentForm.getRecordsPerPage()); // KULRICE-3972: need to be able to sort by column header like on lookups when editing large roles and groups memberTableMetadata.sort(roleDocumentForm.getMemberRows(), roleDocumentForm.getRecordsPerPage()); } // KULRICE-4762: active delegates of "inactivated" role members cause validation problems ActionForward forward = promptForAffectedDelegates(mapping, form, request, response, roleDocumentForm); // if we need to prompt the user due to affected delegates, do so: if (forward != null) { return forward; } forward = super.execute(mapping, roleDocumentForm, request, response); roleDocumentForm.setCanAssignRole(validAssignRole(roleDocumentForm.getRoleDocument())); if (KimTypeLookupableHelperServiceImpl .hasDerivedRoleTypeService(roleDocumentForm.getRoleDocument().getKimType())) { roleDocumentForm.setCanModifyAssignees(false); } GlobalVariables.getUserSession().addObject(KimConstants.KimUIConstants.KIM_ROLE_DOCUMENT_SHORT_KEY, roleDocumentForm.getRoleDocument()); return forward; } /** * This overridden method ... * * @see org.kuali.rice.krad.web.struts.action.KualiDocumentActionBase#loadDocument(org.kuali.rice.krad.web.struts.form.KualiDocumentFormBase) */ @Override protected void loadDocument(KualiDocumentFormBase form) throws WorkflowException { super.loadDocument(form); IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; setKimType(roleDocumentForm.getRoleDocument().getRoleTypeId(), roleDocumentForm); getUiDocumentService().setDelegationMembersInDocument(roleDocumentForm.getRoleDocument()); getUiDocumentService().setMembersInDocument(roleDocumentForm.getRoleDocument()); roleDocumentForm.setMember(roleDocumentForm.getRoleDocument().getBlankMember()); roleDocumentForm.setDelegationMember(roleDocumentForm.getRoleDocument().getBlankDelegationMember()); KualiTableRenderFormMetadata memberTableMetadata = roleDocumentForm.getMemberTableMetadata(); if (roleDocumentForm.getMemberRows() != null) { memberTableMetadata.jumpToFirstPage(roleDocumentForm.getMemberRows().size(), roleDocumentForm.getRecordsPerPage()); } } /** * This overridden method ... * * @see org.kuali.rice.krad.web.struts.action.KualiDocumentActionBase#createDocument(org.kuali.rice.krad.web.struts.form.KualiDocumentFormBase) */ @Override protected void createDocument(KualiDocumentFormBase form) throws WorkflowException { super.createDocument(form); IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; if (roleDocumentForm.getRoleId() == null) { roleDocumentForm.getRoleDocument().setKimType(roleDocumentForm.getKimType()); roleDocumentForm.getRoleDocument().initializeDocumentForNewRole(); roleDocumentForm.setRoleId(roleDocumentForm.getRoleDocument().getRoleId()); //roleDocumentForm.setKimType(KimApiServiceLocator.getKimTypeInfoService().getKimType(roleDocumentForm.getRoleDocument().getRoleTypeId())); } else { loadRoleIntoDocument(roleDocumentForm.getRoleId(), roleDocumentForm); } roleDocumentForm.setMember(roleDocumentForm.getRoleDocument().getBlankMember()); roleDocumentForm.setDelegationMember(roleDocumentForm.getRoleDocument().getBlankDelegationMember()); KualiTableRenderFormMetadata memberTableMetadata = roleDocumentForm.getMemberTableMetadata(); if (roleDocumentForm.getMemberRows() != null) { memberTableMetadata.jumpToFirstPage(roleDocumentForm.getMemberRows().size(), roleDocumentForm.getRecordsPerPage()); } } protected void setKimType(String kimTypeId, IdentityManagementRoleDocumentForm roleDocumentForm) { if (StringUtils.isNotBlank(kimTypeId)) { roleDocumentForm.setKimType(KimApiServiceLocator.getKimTypeInfoService().getKimType(kimTypeId)); if (roleDocumentForm.getRoleDocument() != null) { roleDocumentForm.getRoleDocument().setKimType(roleDocumentForm.getKimType()); } } else if (roleDocumentForm.getRoleDocument() != null && StringUtils.isNotBlank(roleDocumentForm.getRoleDocument().getRoleTypeId())) { roleDocumentForm.setKimType(KimApiServiceLocator.getKimTypeInfoService() .getKimType(roleDocumentForm.getRoleDocument().getRoleTypeId())); roleDocumentForm.getRoleDocument().setKimType(roleDocumentForm.getKimType()); } } protected void loadRoleIntoDocument(String roleId, IdentityManagementRoleDocumentForm roleDocumentForm) { Role role = KimApiServiceLocator.getRoleService().getRole(roleId); roleDocumentForm.getRoleDocument() .setMemberMetaDataTypeToSort(roleDocumentForm.getMemberTableMetadata().getColumnToSortIndex()); getUiDocumentService().loadRoleDoc(roleDocumentForm.getRoleDocument(), role); } /** * @see org.kuali.rice.kim.web.struts.action.IdentityManagementDocumentActionBase#getActionName() */ @Override public String getActionName() { return KimConstants.KimUIConstants.KIM_ROLE_DOCUMENT_ACTION; } protected boolean validAssignRole(IdentityManagementRoleDocument document) { boolean rulePassed = true; if (StringUtils.isNotEmpty(document.getRoleNamespace())) { Map<String, String> additionalPermissionDetails = new HashMap<String, String>(); additionalPermissionDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, document.getRoleNamespace()); additionalPermissionDetails.put(KimConstants.AttributeConstants.ROLE_NAME, document.getRoleName()); if (!getDocumentHelperService().getDocumentAuthorizer(document).isAuthorizedByTemplate(document, KimConstants.NAMESPACE_CODE, KimConstants.PermissionTemplateNames.ASSIGN_ROLE, GlobalVariables.getUserSession().getPrincipalId(), additionalPermissionDetails, null)) { rulePassed = false; } } return rulePassed; } public ActionForward changeMemberTypeCode(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; roleDocumentForm.getMember().setMemberId(""); return refresh(mapping, roleDocumentForm, request, response); } public ActionForward changeDelegationMemberTypeCode(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRoleMember roleMember = roleDocumentForm.getRoleDocument() .getMember(roleDocumentForm.getDelegationMember().getRoleMemberId()); if (roleMember != null) { RoleDocumentDelegationMemberQualifier delegationMemberQualifier; for (KimDocumentRoleQualifier roleQualifier : roleMember.getQualifiers()) { delegationMemberQualifier = roleDocumentForm.getDelegationMember() .getQualifier(roleQualifier.getKimAttrDefnId()); delegationMemberQualifier.setAttrVal(roleQualifier.getAttrVal()); } } return refresh(mapping, roleDocumentForm, request, response); } public ActionForward addResponsibility(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRoleResponsibility newResponsibility = roleDocumentForm.getResponsibility(); if (newResponsibility != null && StringUtils.isNotBlank(newResponsibility.getResponsibilityId())) { ResponsibilityBo responsibilityImpl = KradDataServiceLocator.getDataObjectService() .find(ResponsibilityBo.class, newResponsibility.getResponsibilityId()); newResponsibility.setKimResponsibility(responsibilityImpl); } if (KRADServiceLocatorWeb.getKualiRuleService().applyRules( new AddResponsibilityEvent("", roleDocumentForm.getRoleDocument(), newResponsibility))) { if (newResponsibility != null) { newResponsibility.setDocumentNumber(roleDocumentForm.getDocument().getDocumentNumber()); } roleDocumentForm.getRoleDocument().addResponsibility(newResponsibility); roleDocumentForm.setResponsibility(new KimDocumentRoleResponsibility()); roleDocumentForm.getRoleDocument().updateMembers(newResponsibility); } return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward deleteResponsibility(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; roleDocumentForm.getRoleDocument().getResponsibilities().remove(getLineToDelete(request)); roleDocumentForm.getRoleDocument().updateMembers(roleDocumentForm); return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward addPermission(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRolePermission newPermission = roleDocumentForm.getPermission(); if (KRADServiceLocatorWeb.getKualiRuleService() .applyRules(new AddPermissionEvent("", roleDocumentForm.getRoleDocument(), newPermission))) { newPermission.setDocumentNumber(roleDocumentForm.getDocument().getDocumentNumber()); newPermission.setRoleId(roleDocumentForm.getRoleDocument().getRoleId()); roleDocumentForm.getRoleDocument().getPermissions().add(newPermission); roleDocumentForm.setPermission(new KimDocumentRolePermission()); } return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward addMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRoleMember newMember = roleDocumentForm.getMember(); //See if possible to add with just Group Details filled in (not returned from lookup) if (StringUtils.equals(newMember.getMemberTypeCode(), KimConstants.KimGroupMemberTypes.GROUP_MEMBER_TYPE.getCode()) && StringUtils.isEmpty(newMember.getMemberId()) && !newMember.isMemberNameNull() && !newMember.isMemberNameSpaceCodeNull()) { Group tempGroup = KimApiServiceLocator.getGroupService() .getGroupByNamespaceCodeAndName(newMember.getMemberNamespaceCode(), newMember.getMemberName()); if (tempGroup != null) { newMember.setMemberId(tempGroup.getId()); } } //See if possible to grab details for Principal if (StringUtils.equals(newMember.getMemberTypeCode(), KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE.getCode()) && StringUtils.isEmpty(newMember.getMemberId()) && StringUtils.isNotEmpty(newMember.getMemberName())) { Principal principal = KimApiServiceLocator.getIdentityService() .getPrincipalByPrincipalName(newMember.getMemberName()); if (principal != null) { newMember.setMemberId(principal.getPrincipalId()); String fullName = checkMemberFullName(principal.getPrincipalId()); if (fullName != null) { newMember.setMemberFullName(fullName); } } } else if (StringUtils.equals(newMember.getMemberTypeCode(), KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE.getCode()) && StringUtils.isNotEmpty(newMember.getMemberId()) && StringUtils.isNotEmpty(newMember.getMemberName())) { String fullName = checkMemberFullName(newMember.getMemberId()); if (fullName != null) { newMember.setMemberFullName(fullName); } } if (checkKimDocumentRoleMember(newMember) && KRADServiceLocatorWeb.getKualiRuleService() .applyRules(new AddMemberEvent("", roleDocumentForm.getRoleDocument(), newMember))) { newMember.setDocumentNumber(roleDocumentForm.getDocument().getDocumentNumber()); roleDocumentForm.getRoleDocument().addMember(newMember); roleDocumentForm.setMember(roleDocumentForm.getRoleDocument().getBlankMember()); } return mapping.findForward(RiceConstants.MAPPING_BASIC); } protected String checkMemberFullName(String principalId) { Principal principal = getIdentityService().getPrincipal(principalId); if (principal != null) { Person psn = KimApiServiceLocator.getPersonService() .getPersonByPrincipalName(principal.getPrincipalName()); if (psn != null) { return psn.getFirstName() + " " + psn.getLastName(); } } return null; } protected boolean checkKimDocumentRoleMember(KimDocumentRoleMember newMember) { boolean memberExists = false; String memberName = null; String memberNamespace = null; if (StringUtils.isBlank(newMember.getMemberId())) { GlobalVariables.getMessageMap().putError("document.member.memberId", RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] { "Member ID" }); return false; } if (MemberType.PRINCIPAL.getCode().equals(newMember.getMemberTypeCode())) { Principal pi = this.getIdentityService().getPrincipal(newMember.getMemberId()); if (pi != null) { memberExists = true; memberName = pi.getPrincipalName(); memberNamespace = ""; } } else if (MemberType.GROUP.getCode().equals(newMember.getMemberTypeCode())) { Group gi = KimApiServiceLocator.getGroupService().getGroup(newMember.getMemberId()); if (gi != null) { memberExists = true; memberName = gi.getName(); memberNamespace = gi.getNamespaceCode(); } } else if (MemberType.ROLE.getCode().equals(newMember.getMemberTypeCode())) { Role ri = KimApiServiceLocator.getRoleService().getRole(newMember.getMemberId()); if (!validateRole(newMember.getMemberId(), ri, "document.member.memberId", "Role")) { return false; } else { memberExists = true; memberName = ri.getName(); memberNamespace = ri.getNamespaceCode(); } } if (!memberExists) { GlobalVariables.getMessageMap().putError("document.member.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] { newMember.getMemberId() }); return false; } newMember.setMemberName(memberName); newMember.setMemberNamespaceCode(memberNamespace); return true; } public ActionForward deleteMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRoleMember inactivatedRoleMember = roleDocumentForm.getRoleDocument().getModifiedMembers() .get(getLineToDelete(request)); // KULRICE-4762: active delegates of "inactivated" role members cause validation problems ActionForward forward = promptForAffectedDelegates(mapping, form, request, response, roleDocumentForm, /* we haven't actually inactivated them yet, so specify them here */ inactivatedRoleMember); // if we need to prompt the user due to affected delegates, do so: if (forward != null) { return forward; } Calendar cal = Calendar.getInstance(); inactivatedRoleMember.setActiveToDate(new Timestamp(cal.getTimeInMillis())); roleDocumentForm.getRoleDocument().getModifiedMembers().set(getLineToDelete(request), inactivatedRoleMember); return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward editMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRoleMember roleMemberToEdit = roleDocumentForm.getRoleDocument().getMembers() .get(getLineToEdit(request)); KimDocumentRoleMember copiedMember = (KimDocumentRoleMember) SerializationUtils.deepCopy(roleMemberToEdit); roleDocumentForm.getRoleDocument().getModifiedMembers().add(copiedMember); roleDocumentForm.getRoleDocument().getMembers().remove(roleMemberToEdit); return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward editSearchResultsMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; KimDocumentRoleMember roleMemberToEdit = roleDocumentForm.getRoleDocument().getSearchResultMembers() .get(getLineToEdit(request)); KimDocumentRoleMember copiedMember = (KimDocumentRoleMember) SerializationUtils.deepCopy(roleMemberToEdit); roleDocumentForm.getRoleDocument().getModifiedMembers().add(copiedMember); roleDocumentForm.getRoleDocument().getSearchResultMembers().remove(roleMemberToEdit); roleDocumentForm.getRoleDocument().getMembers().remove(roleMemberToEdit); return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward search(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; String memberSearchValue = roleDocumentForm.getMemberSearchValue(); if (memberSearchValue != null && !memberSearchValue.isEmpty()) { memberSearchValue = memberSearchValue.replaceAll("[%*]", ""); getUiDocumentService().loadRoleMembersBasedOnSearch(roleDocumentForm.getRoleDocument(), memberSearchValue); } else { clear(mapping, form, request, response); } return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward clear(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; roleDocumentForm.setMemberSearchValue(""); getUiDocumentService().clearRestrictedRoleMembersSearchResults(roleDocumentForm.getRoleDocument()); KualiTableRenderFormMetadata memberTableMetadata = roleDocumentForm.getMemberTableMetadata(); if (roleDocumentForm.getMemberRows() != null) { memberTableMetadata.jumpToFirstPage(roleDocumentForm.getMemberRows().size(), roleDocumentForm.getRecordsPerPage()); } return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward deletePermission(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; roleDocumentForm.getRoleDocument().getPermissions().remove(getLineToDelete(request)); return mapping.findForward(RiceConstants.MAPPING_BASIC); } protected boolean checkDelegationMember(RoleDocumentDelegationMember newMember) { if (StringUtils.isBlank(newMember.getMemberTypeCode()) || StringUtils.isBlank(newMember.getMemberId())) { GlobalVariables.getMessageMap().putError("document.delegationMember.memberId", RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] { "Member Type Code and Member ID" }); return false; } if (MemberType.PRINCIPAL.getCode().equals(newMember.getMemberTypeCode())) { Principal principalInfo = getIdentityService().getPrincipal(newMember.getMemberId()); if (principalInfo == null) { GlobalVariables.getMessageMap().putError("document.delegationMember.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] { newMember.getMemberId() }); return false; } else { newMember.setMemberName(principalInfo.getPrincipalName()); } } else if (MemberType.GROUP.getCode().equals(newMember.getMemberTypeCode())) { Group groupInfo = null; groupInfo = getGroupService().getGroup(newMember.getMemberId()); if (groupInfo == null) { GlobalVariables.getMessageMap().putError("document.delegationMember.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] { newMember.getMemberId() }); return false; } else { newMember.setMemberName(groupInfo.getName()); newMember.setMemberNamespaceCode(groupInfo.getNamespaceCode()); } } else if (MemberType.ROLE.getCode().equals(newMember.getMemberTypeCode())) { Role roleInfo = KimApiServiceLocator.getRoleService().getRole(newMember.getMemberId()); if (roleInfo == null) { GlobalVariables.getMessageMap().putError("document.delegationMember.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] { newMember.getMemberId() }); return false; } else { newMember.setMemberName(roleInfo.getName()); newMember.setMemberNamespaceCode(roleInfo.getNamespaceCode()); } } return true; } public ActionForward addDelegationMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; RoleDocumentDelegationMember newDelegationMember = roleDocumentForm.getDelegationMember(); //See if possible to add with just Group Details filled in (not returned from lookup) if (StringUtils.isEmpty(newDelegationMember.getMemberId()) && StringUtils.isNotEmpty(newDelegationMember.getMemberName()) && StringUtils.isNotEmpty(newDelegationMember.getMemberNamespaceCode()) && StringUtils.equals(newDelegationMember.getMemberTypeCode(), KimConstants.KimGroupMemberTypes.GROUP_MEMBER_TYPE.getCode())) { Group tempGroup = KimApiServiceLocator.getGroupService().getGroupByNamespaceCodeAndName( newDelegationMember.getMemberNamespaceCode(), newDelegationMember.getMemberName()); if (tempGroup != null) { newDelegationMember.setMemberId(tempGroup.getId()); } } //See if possible to grab details for Principal if (StringUtils.isEmpty(newDelegationMember.getMemberId()) && StringUtils.isNotEmpty(newDelegationMember.getMemberName()) && StringUtils.equals(newDelegationMember.getMemberTypeCode(), KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE.getCode())) { Principal principal = KimApiServiceLocator.getIdentityService() .getPrincipalByPrincipalName(newDelegationMember.getMemberName()); if (principal != null) { newDelegationMember.setMemberId(principal.getPrincipalId()); } } if (checkDelegationMember(newDelegationMember) && KRADServiceLocatorWeb.getKualiRuleService().applyRules( new AddDelegationMemberEvent("", roleDocumentForm.getRoleDocument(), newDelegationMember))) { newDelegationMember.setDocumentNumber(roleDocumentForm.getDocument().getDocumentNumber()); if (StringUtils.isEmpty(newDelegationMember.getDelegationTypeCode())) { newDelegationMember.setDelegationTypeCode(DelegationType.SECONDARY.getCode()); } roleDocumentForm.getRoleDocument().addDelegationMember(newDelegationMember); roleDocumentForm.setDelegationMember(roleDocumentForm.getRoleDocument().getBlankDelegationMember()); } return mapping.findForward(RiceConstants.MAPPING_BASIC); } public ActionForward deleteDelegationMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm roleDocumentForm = (IdentityManagementRoleDocumentForm) form; // Removing, not inactivating -- is this what we really want? roleDocumentForm.getRoleDocument().getDelegationMembers().remove(getLineToDelete(request)); roleDocumentForm.setDelegationMember(roleDocumentForm.getRoleDocument().getBlankDelegationMember()); return mapping.findForward(RiceConstants.MAPPING_BASIC); } /** * @see org.kuali.rice.kns.web.struts.action.KualiTableRenderAction#switchToPage(org.apache.struts.action.ActionMapping, * org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ public ActionForward jumpToRoleMember(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { IdentityManagementRoleDocumentForm idmForm = (IdentityManagementRoleDocumentForm) form; String delegationRoleMemberId = getDelegationRoleMemberToJumpTo(request); KualiTableRenderFormMetadata memberTableMetadata = idmForm.getMemberTableMetadata(); memberTableMetadata.jumpToPage(idmForm.getPageNumberOfRoleMemberId(delegationRoleMemberId), idmForm.getMemberRows().size(), idmForm.getRecordsPerPage()); memberTableMetadata.setColumnToSortIndex(memberTableMetadata.getPreviouslySortedColumnIndex()); idmForm.setAnchor(delegationRoleMemberId); return mapping.findForward(RiceConstants.MAPPING_BASIC); } protected String getDelegationRoleMemberToJumpTo(HttpServletRequest request) { String delegationRoleMemberIdToJumpTo = ""; String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); if (StringUtils.isNotBlank(parameterName)) { delegationRoleMemberIdToJumpTo = StringUtils.substringBetween(parameterName, ".dmrmi", "."); } return delegationRoleMemberIdToJumpTo; } /** * Side-effecting method returns an ActionForward if needed for handling prompting of the user about automatically * "inactivating" active delegates of inactive role members. If the user has already responded "Yes", delegates are * "inactivated" here, and a null forward is returned. Otherwise, an appropriate forward is returned. * * @param roleMembersToConsiderInactive additional role members to consider inactive for the purposes of this computation */ private ActionForward promptForAffectedDelegates(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, IdentityManagementRoleDocumentForm roleDocumentForm, KimDocumentRoleMember... roleMembersToConsiderInactive) throws Exception { // KULRICE-4762: Role: Removed an Assignee who has delegations associated with him and now the Role cannot be updated // To solve this issue, prompt for confirmation if there are active delegates for the role member being "inactivated", // and upon confirmation, "inactivate" the delegates too. List<RoleDocumentDelegationMember> activeDelegatesOfInactiveRoleMembers = getActiveDelegatesOfInactiveRoleMembers( roleDocumentForm, roleMembersToConsiderInactive); ActionForward forward = getAffectedDelegatesQuestionActionForward(activeDelegatesOfInactiveRoleMembers, mapping, form, request, response, roleDocumentForm); // if the question logic gave us a forward, do it if (forward != null) { return forward; } // otherwise, inactivate affected delegates if (activeDelegatesOfInactiveRoleMembers.size() > 0) { Calendar cal = Calendar.getInstance(); // deactivate (inactivate?) delegates for (RoleDocumentDelegationMember delegateToDeactivate : activeDelegatesOfInactiveRoleMembers) { delegateToDeactivate.setActiveToDate(new Timestamp(cal.getTimeInMillis())); } } return null; } /** * <p>If there are active delegates of an "inactivated" role member, return an ActionForward to prompt the user * letting them know that the delegates will be "inactivated" too if they proceed. * <p>Also, if the user has already responded to the question and the response was (1) "Yes", then return null, signifying * that we can go ahead and take the needed action to "inactivate" the delegates; or (2) "No", then return a basic forward that * will cancel further action. */ private ActionForward getAffectedDelegatesQuestionActionForward( List<RoleDocumentDelegationMember> activeDelegatesOfInactiveRoleMembers, ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, IdentityManagementRoleDocumentForm roleDocumentForm) throws Exception { if (activeDelegatesOfInactiveRoleMembers.size() > 0) { Object question = getQuestion(request); // logic for delegates question if (question == null || !REMOVE_AFFECTED_DELEGATES_QUESTION_ID.equals(question)) { return performQuestionWithoutInput(mapping, form, request, response, REMOVE_AFFECTED_DELEGATES_QUESTION_ID, getKualiConfigurationService().getPropertyValueAsString( RiceKeyConstants.QUESTION_ACTIVE_DELEGATES_FOR_INACTIVE_MEMBERS), KRADConstants.CONFIRMATION_QUESTION, roleDocumentForm.getMethodToCall(), StringUtils.EMPTY); } Object buttonClicked = request.getParameter(KRADConstants.QUESTION_CLICKED_BUTTON); if ((REMOVE_AFFECTED_DELEGATES_QUESTION_ID.equals(question)) && ConfirmationQuestion.YES.equals(buttonClicked)) { // the question was answered in the affirmative. // fall through, no special mapping to return } else { // NO was clicked ... what to do? Return basic mapping without "inactivating" anything return mapping.findForward(RiceConstants.MAPPING_BASIC); } } return null; } /** * This method returns a list of all active delegates for role members that are inactive * * @param roleDocumentForm form bean * @param roleMembersToConsiderInactive additional role members to consider inactive for the purposes of this computation * @return the active delegates of inactive role members */ private List<RoleDocumentDelegationMember> getActiveDelegatesOfInactiveRoleMembers( IdentityManagementRoleDocumentForm roleDocumentForm, KimDocumentRoleMember... roleMembersToConsiderInactive) { List<KimDocumentRoleMember> roleMembers = roleDocumentForm.getMemberRows(); List<KimDocumentRoleMember> inactiveRoleMembers = new ArrayList<KimDocumentRoleMember>(); List<RoleDocumentDelegationMember> activeDelegatesOfInactivatedRoleMembers = new ArrayList<RoleDocumentDelegationMember>(); inactiveRoleMembers.addAll(Arrays.asList(roleMembersToConsiderInactive)); if (roleMembers != null) { for (KimDocumentRoleMember roleMember : roleMembers) { if (roleMember != null) { if (!roleMember.isActive()) { inactiveRoleMembers.add(roleMember); } } } } for (KimDocumentRoleMember inactiveRoleMember : inactiveRoleMembers) { // check if there are delegates for the member being removed List<RoleDocumentDelegationMember> delegationMembers = roleDocumentForm.getRoleDocument() .getDelegationMembers(); if (delegationMembers != null) { for (RoleDocumentDelegationMember delegationMember : delegationMembers) { if (delegationMember != null && delegationMember.isActive()) { // if the roleMember for this delegation is the same as the inactivatedRoleMember if (delegationMember.getRoleMemberId().equals(inactiveRoleMember.getRoleMemberId())) { activeDelegatesOfInactivatedRoleMembers.add(delegationMember); } } } } } return activeDelegatesOfInactivatedRoleMembers; } /** * This method overrides validateRole() from IdentityManagementDocumentActionBase. * The difference with this method is that it allows derived roles. * The base implementation returns false if the role is a derived role. * */ @Override protected boolean validateRole(String roleId, Role role, String propertyName, String message) { if (role == null) { GlobalVariables.getMessageMap().putError(propertyName, RiceKeyConstants.ERROR_INVALID_ROLE, roleId); return false; } return true; } }